Do iPhones get viruses?

Do iPhones get viruses? We explain why iOS malware is rare - but not unknown

Many of our readers wonder if iPhones get viruses. After all, iPhones are famous for their strong security; any time rival fanboys have an argument about whether iPhones or Android smartphones are better, the superior security of the iOS platform is bound to come up. (To be fair, Android phones are pretty secure too.)

When iPhone users ask us if their device has been infected by a virus, we generally explain that this is unlikely. There are more plausible explanations for odd behaviour: you may, for example, be seeing a misbehaving advert in one or more apps you use regularly, triggering behaviour that is intended to convince you that iOS is infected and you need to download an app to fix it, or redirecting you to a dodgy web page or a dodgy app on the App Store.

However, malware of one kind or another does exist for iOS, even though it remains extremely rare.

Technically speaking, a virus is a piece of code that inserts itself into another program, whereas a worm is a standalone program; both seek to propagate themselves, usually by hijacking messaging applications or via social engineering.

The first part of this definition applies to a small number of malware attacks on the iOS platform; some apps, including a small number which are otherwise totally respectable, have suffered the insertion of malicious code or the hijacking of the developer tool used to create them, and although malware apps should be caught at the app approval stage before appearing on the App Store, those who have jailbroken their devices can install apps from other sources and may inadvertently install something dangerous.

In either case, however, iOS's sandbox nature should prevent the malware from getting access to other applications in order to spread itself, or to the underlying operating system.

How secure is an iPhone?

It's difficult to argue that iOS is not a secure platform - more secure than Android, for instance. iOS isn't impregnable, and it's very dangerous for iPhone users to assume that it is (see how to remove an iPhone virus and iPhone security tips), but far more malware is written for Android - Pulse Secure's 2015 Mobile Threat Report put the figure at 97 percent of all mobile malware, while the US Department of Homeland Security estimated in 2013 that just 0.7 percent of malware threats were aimed at iOS - and while this is partly because Android has more users, it's mainly because it's simply an easier target.

The 'closed' platforms - iOS, Windows and BlackBerry - have very little malware written for them. It's easier to break into Android, and malware writers will almost always go for the low-hanging fruit.

Part of the problem for Android is that its users tend to be slow or lazy at installing updates: the DoHS report above found that 44 percent were still on a version of Android that had been released two years earlier. (By contrast, after five months of availability iOS 10 was on nearly 80 percent of active devices.) There are also small differences between the flavours of Android used by the different handset makers, which makes it harder to distribute security patches, applicable to all versions, on a timely basis.

Don't make the mistake of assuming that the iOS platform and Apple's App Store are invulnerable to attack. They're not. But they are more secure than the Android equivalents. Despite its findings, F-Secure insists that Apple's App Store "remains a tougher nut to crack than the Android ecosystem".

You quite often hear the logically flaky reasoning that, because Apple's OS software products aren't perfectly secure, they're no better than rival products which also aren't perfectly secure. It's easy to explain why this is wrong. iOS (like its desktop counterpart, macOS) is very secure indeed, albeit not completely secure. Android is pretty secure, but quantifiably less secure than iOS.

iPhone viruses and other malware

As we said, there are still dangers out there for iPhone users.

In March 2017, Wikileaks released Vault 7, a collection of documents and files which purportedly reveal methods and strategies employed by the CIA - including a range of vulnerabilities they have used to break into iOS devices. Mind you, Apple insists that most of these have since been patched.

In its 2015 Threat Report, F-Secure Labs reports on several instances of malware penetrating Apple's 'walled garden' App Store. Instead of using social engineering to persuade users to download malware directly, hackers have learned to target the app developers, who then use "compromised tools to unwittingly create apps with secretly malicious behaviour".

Multiple apps - anywhere from 30 to 300, and many of them from reputable companies - were removed from the App Store in September 2015 because they contained the XCodeGhost malware. Later that year similar situations arose with apps based on UnityGhost, a compromised version of the Unity development framework, and on the Youmi SDK.

How to find out if your iPhone has a virus

iPhones can get viruses, then - even if it's a rare occurrence. But if you're wondering if this has happened to your phone, here's how to find out.

The main questions when trying to work out what has happened to your malfunctioning iPhone or iPad are these:

Have you jailbroken your device? And if so, have you installed an application from a non-official source whose authenticity is questionable? (Installing apps from non-official source is essentially the entire point of jailbreaking.) If yes, you may have malicious software on your device, and should attempt to locate and uninstall it.

Does the behaviour appear when you use certain apps only? Common behaviour exhibited by apps that have been hijacked include redirecting you to an unfamiliar web page, and opening the App Store without permission. Try uninstalling the app that's active when these issues pop up, and see if the problem is solved.

If the problem continues to happen no matter which apps are open, your device is probably misbehaving because of a hardware problem, or because of an iOS change that you're not used to yet, or because you or another user of the device has changed a setting, perhaps inadvertently. Or you may have a virus. Whichever of these issues it is, we would take the device to an Apple Genius Bar.